Vim
by Vim
Source repositories
CVEs (257)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-20807 | 0.00 | — | 0.00 | May 28, 2020 | In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). | |||
| CVE-2020-9769 | 0.00 | — | 0.01 | Apr 1, 2020 | Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim. | |||
| CVE-2019-20079 | 0.00 | — | 0.02 | Dec 30, 2019 | The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory. | |||
| CVE-2018-20786 | 0.00 | — | 0.03 | Feb 24, 2019 | libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c. | |||
| CVE-2008-6235 | 0.00 | — | 0.03 | Feb 21, 2009 | The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases. | |||
| CVE-2008-3075 | 0.00 | — | 0.04 | Feb 21, 2009 | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive,… | |||
| CVE-2008-3074 | 0.00 | — | 0.04 | Feb 21, 2009 | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive,… | |||
| CVE-2009-0316 | 0.00 | — | 0.03 | Jan 28, 2009 | Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function… | |||
| CVE-2008-4677 | 0.00 | — | 0.02 | Oct 22, 2008 | autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions before 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts,… | |||
| CVE-2008-3294 | 0.00 | — | 0.04 | Jul 24, 2008 | src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window,… | |||
| CVE-2007-2953 | 0.00 | — | 0.04 | Jul 31, 2007 | Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. | |||
| CVE-2007-2438 | 0.00 | — | 0.03 | May 2, 2007 | The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines. | |||
| CVE-2005-2368 | 0.00 | — | 0.03 | Jul 26, 2005 | vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels. | |||
| CVE-2005-0069 | 0.00 | — | 0.00 | Jan 13, 2005 | The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files. | |||
| CVE-2004-1138 | 0.00 | — | 0.00 | Jan 10, 2005 | VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7)… | |||
| CVE-2002-1377 | 0.00 | — | 0.00 | Dec 23, 2002 | vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt. | |||
| CVE-2001-0408 | 0.00 | — | 0.02 | Jun 18, 2001 | vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes. |
- CVE-2019-20807May 28, 2020risk 0.00cvss —epss 0.00
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
- CVE-2020-9769Apr 1, 2020risk 0.00cvss —epss 0.01
Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim.
- CVE-2019-20079Dec 30, 2019risk 0.00cvss —epss 0.02
The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.
- CVE-2018-20786Feb 24, 2019risk 0.00cvss —epss 0.03
libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c.
- CVE-2008-6235Feb 21, 2009risk 0.00cvss —epss 0.03
The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases.
- CVE-2008-3075Feb 21, 2009risk 0.00cvss —epss 0.04
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive,…
- CVE-2008-3074Feb 21, 2009risk 0.00cvss —epss 0.04
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive,…
- CVE-2009-0316Jan 28, 2009risk 0.00cvss —epss 0.03
Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function…
- CVE-2008-4677Oct 22, 2008risk 0.00cvss —epss 0.02
autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions before 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts,…
- CVE-2008-3294Jul 24, 2008risk 0.00cvss —epss 0.04
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window,…
- CVE-2007-2953Jul 31, 2007risk 0.00cvss —epss 0.04
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.
- CVE-2007-2438May 2, 2007risk 0.00cvss —epss 0.03
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
- CVE-2005-2368Jul 26, 2005risk 0.00cvss —epss 0.03
vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.
- CVE-2005-0069Jan 13, 2005risk 0.00cvss —epss 0.00
The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files.
- CVE-2004-1138Jan 10, 2005risk 0.00cvss —epss 0.00
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7)…
- CVE-2002-1377Dec 23, 2002risk 0.00cvss —epss 0.00
vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.
- CVE-2001-0408Jun 18, 2001risk 0.00cvss —epss 0.02
vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes.
Page 13 of 13